Hello,
Just trying to get my head around an issue I just saw, and I dont think I am the only person who has wondered about this.
Running vCenter 6.5U2 I have created a couple of local content libraries.
Permissions on this vCenter is using LDAP group membership such as:
1. Global Permission: Administrator: GlobalAdminsLDAPGroup
2. Under Datacenters each team has their own resource pool (based on LDAP Group Membership), each user has a resource pool under their team pool and a team member is an Administrator on those pools only (when a user logs in they only see their team pool/folder and their own pool/folder under it.
The challenge here is, users (who are only admins on their own pools and team pools) when they try and create "New VM from Library" nothing is presented to them as you can see below:
Global Administrators do see the content of all libraries created.
When I assign the users read-only global permissions at that point they can deploy from the content library, but that also allows them to see all the pools and the users for other teams which we dont want to do.
Any thoughts on what is the obvious I am missing here? is there a way I can set Read Only permissions on content libraries?